CWE-278: Insecure Preserved Inherited Permissions

low-risk

A product inherits a set of insecure permissions for an object, e.g. when copying from an archive file, without user awareness or involvement.

Abstraction: Variant

Common Consequences

Confidentiality Read Application Data

Real-World Examples (5)

CVE CVSS EPSS KEV
CVE-2023-38497 7.9 5.7%
CVE-2025-2947 7.2 0.2%
CVE-2024-37769 8.8 0.1%
CVE-2024-36538 8.8 0.1%
CVE-2024-38531 3.6 0.0%
0
/ 100
low-risk
Active Threat 0/50 · Minimal
Exploit Availability 0/50 · Minimal